A serious flaw in SSL certificate handling reported by Mike Benham, affecting IE and Konqueror, has already been fixed by KDE's Waldo Bastian, we're pleased to mention.
The fix is available only in the CVS (Concurrent Versions System) tree at the moment, but KDE reckons it will have patched binaries available for its 3.0.3 version, available early next week. A patch for KDE 2.2.x is currently in the works.
As for Microsoft? According to Benham they haven't even replied to him yet. Apparently, real Trustworthy Computing takes an enormous amount of time.
